Table of contents
A self-signed certificate was generated and used by Proxmox which will always generate a warning on the browser. I did not like seeing this when trying to work on my home lab. So, I started looking for ways to put a valid SSL certificate in Proxmox. During my research, I found that Proxmox could be made to integrate with acme.sh; a free SSL certificate generator powered by ACME(Let's Encrypt). - Source: dev.to / about 1 month ago
Dehydrated and acme.sh seems different. Is one of them fork? https://github.com/acmesh-official/acme.sh. - Source: Hacker News / 22 days ago
Next, we will install acme.sh, a command-line tool for managing SSL/TLS certificates. I prefer acme.sh over certbot, as it does not depend on the OS version. For more details about acme.sh, check its GitHub repo here. - Source: dev.to / about 2 months ago
As a result, any certificates issued (or renewed) after Feb 8th will not work on older Android devices (< 7.1.1), unless the ACME client has been configure to request an alternate certificate chain. The "alternate chain" workaround will also stop working on June 6th. I need to support these older Android devices so I am looking for alternatives. I have seen ZeroSSL mentioned a few times; it is also the default CA... - Source: Hacker News / about 2 months ago
For the few people here that happen to run a self-hosted email server with acme.sh for TLS key/cert generation and Cloudflare for DNS management, I have made a tool that I personally use to get a perfect 100% score on Internet.nl's email test. Source: 5 months ago
People wonder why I like using the shell-based ACME client like dehydrated (or acme.sh): * https://packages.debian.org/search?keywords=dehydrated * https://github.com/acmesh-official/acme.sh A kludgy as very long shell scripts are (thought to be), I have a better chance of being able to go through all the code and understand it than a dozen(+) Python libraries. - Source: Hacker News / 5 months ago
Acme.sh is a lightweight Unix shell script for automatic issuance and renewal of free certificates in a Unix environment. It's compatible with Bash, dash, and sh; Docker/IPv6 ready; requires no external dependencies; and can issue, renew, and install certificates without the need for root or sudoer access. Thanks for this recommendation go to blitznogger. Source: 6 months ago
Error troubleshooting: 1.Failed to obtain Github files, please wait for Github to recover and try, the recovery progress can be viewed at [https://www.githubstatus.com/] There is a bug in the 2.acme.sh script, see [https://github.com/acmesh-official/acme.sh] issues. Source: 7 months ago
v0.9.1 is out and natively supports both https://github.com/joohoi/acme-dns and any dns provider available in https://github.com/acmesh-official/acme.sh. Source: 12 months ago
u/gregtwallace maybe in the short term until you write your own, you could provide a hook into one of the many ACME client implementations which do DNS-01 and support the majority of major DNS provider APIs out of the box? That would make your (really great!) project much more widely usable. Source: 12 months ago
For linux I am using acme.sh https://github.com/acmesh-official/acme.sh on some servers and certbot on others. Acme.sh comes with many ready deployment scripts like for panos and sendmail. Source: about 1 year ago
It's all here: https://github.com/acmesh-official/acme.sh or just use a tutorial like this here: https://www.christosgeo.com/2022/02/03/renew-lets-encrypt-certificates-on-synology-using-acme-sh/. Source: about 1 year ago
I've always just used acme.sh with DNS-01 verification. An easy to use bash script. Source: about 1 year ago
This is a lot more complicated setup but it works for me. I run a private CA called step-ca from smallstep and it provides CA and ACME endpoint. I use a .home domain. The trick is the validation for non-http devices which is typically the DNS-01 challenge. For this, I have unbound in pfsense setup to work with acme-dns so I can keep everything internal. Again its complicated but if your learning cyber... Source: about 1 year ago
> Oh, and that 500-line shell script probably ends up being a 5000-line Python monster anyway. The dehydrated ACME client is 2400 lines of bash/zsh: * https://github.com/dehydrated-io/dehydrated The official Let's Encrypt client is written in Python, and the core 'executable' is much longer, and in addition it pulls in a boatload of dependencies: * https://packages.debian.org/bullseye/python3-certbot. - Source: Hacker News / about 1 year ago
I can recommend using acme.sh for those types of situations. Source: about 1 year ago
Acme.sh (https://github.com/acmesh-official/acme.sh) appears to support OL. I believe you need to change some config option or command line parameter to have it use Let's Encrypt now but try it out. Source: over 1 year ago
I use dns-01 for verification via acme.sh. Source: over 1 year ago
I'm not surprised the website isn't accessible at web.myname.dev, but I am surprised that it's not accessible at web.myname.dscloud.me, since that should be redirecting to nas_local_ip:443 the same way the router one is redirecting to router_local_ip:443. So clearly I have at least two things wrong here, one issue that's preventing the reverse proxy on the Synology domain from working, and another bigger issue... Source: over 1 year ago
If it's an insecure connection issue, you can also potentially secure it with a free domain name (I use Freenom), free dynamic DNS(I use afraid.org) & a free self-renewing SSL certificate from Let's Encrypt. There are a ton of Let's Encrypt (ACME protocol) compatible client & one of the more newbie friendly one is the ACME.sh script. Source: over 1 year ago
Yes, kind of. Terminology first: ACME is a protocol for requesting and renewing certificates. It was designed by the Internet Security Research Group (ISRG) for their Let's Encrypt service. Certbot is one client that implements the ACME protocol, and ACME.sh is another. Source: over 1 year ago
Do you know an article comparing acme.sh to other products?
Suggest a link to a post with product alternatives.
This is an informative page about acme.sh. You can review and discuss the product here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.
